BMC Discovery 11.1

The goal of BMC Discovery is to automate asset discovery and identify systems in the network and obtain relevant information from them as quickly as possible and with the lowest impact, using a variety of different tools and techniques to communicate.

BMC Discovery version 11.1 patch 3 resolves some important defects. As a result of those enhancements, an appliance running 11.1 patch 3 cannot join a cluster running 11.1 patch 2 or earlier.

In normal circumstances, all cluster members have the same version. You can upgrade a cluster running any version from 10.1 onwards to 11.1 patch 3.

There is one obscure circumstance in which you may require a new appliance running 11.1 patch 2. If you have a fault tolerant cluster running 11.1 patch 2 (or an earlier patch) and a member has failed, then your cluster is in a degraded state. In that state, you must replace the failed member before you can upgrade the cluster. You cannot replace the failed member with a new appliance running 11.1 patch 3, so you must use an appliance running 11.1 patch 2. Once the cluster has recovered from the failure, it is possible to upgrade the whole cluster to 11.1 patch 3 as usual.

If you are in this situation, and you do not have an image of 11.1 patch 2 with which to replace the failed cluster member, please contact Customer Support. They will provide a suitable download.

The permission required to access the CSV and XML API has changed. You need to grant the new API access permission (api-access group), or updating group permissions to include the api/access permission for users who require access to the CSV and XML web APIs. Existing integrations will fail if you do not add the permission.

Updated SSH server

The SSH server installed on BMC Discovery appliances 10.2 and later has been modified. This modification removes some weak ciphers and HMAC algorithms (and non-FIPS approved) from the list of allowed connections. Therefore, some older versions of ssh clients might be unable to connect. The following client versions (or later) have been tested and are known to work:

PuTTY (0.64)

WinSCP (5.7.2)

mRemoteNG (1.72 using ssh2)

MobaXterm (6.5)

KiTTY (0.63.2.2)

Bitvise SSH Client (6.22)

BMC Atrium Discovery OS and application software have been tested and found to be free from susceptibility to date/time issues which may occur as the result of the additional day in a leap year.

You can create a custom PDF for a specific topic, a topic and its children, or a group of topics with a specific label. For information about how you can export a custom PDF from this space, see Exporting to PDF and other formats.

Ready-made PDF of this space

The following table provides ready-made PDF that contain snapshots of the content in this space.

What is the performance impact of running BMC Discovery?

Running BMC Discovery should have a minimal impact on your environment. The discovery techniques used are non-intrusive, lightweight and agent-free.

What can BMC Discovery discover in the network?

BMC Discovery is IP-based and can discover any host system with an IP connection including servers, workstations, network nodes, printers, wireless access points, and so on. In actuality, though, we aim BMC Discovery at datacenter discovery, and it is optimised to that purpose. For this reason, we do not explicitly support more client-side items, such as wireless access points, workstations and so on. Any support for those that does exist is a side effect of our support for server-side discovery, and we're unlikely to invest in improving it.

What discovery techniques do you use?

BMC Discovery uses a range of discovery techniques where appropriate. These include:

Will any network security need to be disabled for the discovery process?

Obviously, the BMC Discovery appliance needs to be able to reach areas of the network in order to discover hosts. However various methods of providing secure access are possible without disabling firewalls and access control policies, including using VPN tunnels and using Windows proxy BMC Discovery appliances. Some IDS systems might identify certain activities (such as port scans) as suspicious.

What is the impact of my applications running on platforms that are not supported by BMC Discovery?

The discovery process will identify endpoints on such computers if they are visible from other hosts. You will need to complete details of programs running on them manually, though it might also be possible to categorize some of the components of the applications running on the unsupported platform either by which port it, or its counterpart, is listening on.

Can the product introduce any risk into my network or application infrastructure?

To provide a clear picture of your total IT infrastructure, BMC Discovery will actually reduce risk in your network by allowing you to weed out rogue elements that do not meet corporate policy, are out of date or provide potential security holes. The BMC Discovery discovery process uses standard techniques that should not de-stabilize elements of the infrastructure. Since there are always risks with deploying new technology, BMC's implementation plan involves analyzing areas of potential risk and achieving the right balance of risk and reward. BMC's test plan is also aimed at minimizing risk, ideally including testing in the customer's test environment.

Do I need to install any software on other computers?

The BMC Discovery ethos is agent-free management. BMC does not believe the logistical challenges associated with having an agent on every node is justifiable, so no BMC Discovery-specific software needs to be installed on other computers. The BMC Discovery user interface is entirely web-based.

Why is agent-free discovery so important?

Agent-based discovery relies upon a level of control of asset deployment that does not exist in most businesses. It also implies a significant cost overhead to maintain agents on each platform, including approving, testing and deploying the agents. Finally, agents might not be available for the range of target platforms that your organization uses. We use standard techniques that have individually been authorized and deployed.

How do I reset the BMC Discovery user password?

If you forget your user interface (UI) password to log in to BMC Discovery, you can reset the password at the command line.

The tw_passwd utility enables you to change the password of a specified user interface user. To use the utility, enter the following command at command prompt:

The tw_passwd utility is for changing UI users' passwords. To change the passwords for command line users, as the root user, use the Linux command passwd. This is described in Changing the root and user passwords

BMC PATROL

BMC Atrium Orchestrator

BMC Atrium Orchestrator integrates, automates, and orchestrates processes across multiple applications and tools. When integrated with BMC Discovery, BMC Atrium Orchestrator triggers a rescan of the virtual machine that was moved, and the source and destination hosts.

BMC Remedy Single Sign-On

BMC Remedy Single Sign-On (BMC Remedy SSO) is an authentication system that supports various authentication protocols such as LDAP and provides single sign-on for users of BMC products. BMC Discovery provides an integration with BMC Remedy Single Sign-On makes use of same LDAP server as BMC Remedy Single Sing-On.

REST API

The REST API is intended to be used by a script or program that wants to interact with and control a BMC Discovery appliance from a remote machine.

CyberArk Enterprise Password Vault

CyberArk Enterprise Password Vault (CyberArk Vault) is a third-party application, which enables you to centrally manage credentials for the various systems that are installed in your environment. BMC Discovery provides an integration with CyberArk Vault to obtain credentials that are required to perform scans.

Was this page helpful? YesNoSubmitting...What is wrong with this page?ConfusingMissing screenshots, graphicsMissing technical detailsNeeds a videoNot correctNot the information I expectedYour feedback: